Cyber Security

Genesis Black Market Dismantled, But Experts Warn of Potential Vacuum

A major coordinated effort took down the black market for stolen data, but experts warn the fight to secure data is ongoing.

A coordinated federal effort between agencies including the Federal Bureau of Investigation and Department of Justice spearheaded the takedown of a major online black market that proliferated and sold stolen access credential data across the internet.

Operating since March 2018, Genesis Market was formally dismantled following an investigation spanning domestic and international law enforcement agencies. Within the U.S., Justice worked in tandem alongside 45 FBI field offices to identify accounts used within Genesis Market to sell stolen identity credentials, normally secured through the deployment of malware. 

These credentials were linked to individuals as well as staff in private and public sectors across the world. 

“Our seizure of Genesis Market should serve as a warning to cybercriminals who operate or use these criminal marketplaces: the Justice Department and our international partners will shut down your illegal activities, find you, and bring you to justice,” said U.S. Attorney General Merrick Garland in a statement.

Law enforcement reports that since its inception, Genesis Market has offered access to information stolen from private networks in 1.5 million computers globally. Some of the industries whose credentials ended up for sale on the platform were in the financial services, critical infrastructure and government sectors. 

Individuals who wished to purchase stolen login data had access to a search engine on the platform to easily find information based on a sector or specific type of account. Genesis Market also sold unique combinations of device identifiers with browser cookies to form a “fingerprint” that could evade fraud detection protocols installed in many digital systems and networks for illegal, undetected account access.  

The FBI and Justice took steps to take down Genesis with help from law enforcement agencies in a plethora of ally nations, including Poland, Spain, the Netherlands, Australia and Germany. 

“Today’s takedown of Genesis Market is a demonstration of the FBI’s commitment to disrupting and dismantling key services used by criminals to facilitate cybercrime,” said FBI Director Christopher Wray. “The work in this case is a great example of the FBI’s ability to leverage our technical capabilities and work shoulder-to-shoulder with our international partners to take away the tools cyber criminals rely on to victimize people all across the world.”

Credentials secured during this operation, known internally as Operation Cookie Monster, are currently being posted on a nonprofit website called “Have I Been Pwned,” a free service available to verify if personal information has been compromised in a data breach.

In conjunction with federal law enforcement’s seizure, the U.S. Treasury formally sanctioned Genesis Market for its facilitation of the sale of stolen data.

“The United States, along with our international partners, will not allow illicit marketplaces to operate with impunity,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian Nelson. “Treasury will continue to work closely with our law enforcement colleagues to disrupt this activity and hold malign cyber actors accountable.”

Industry players noted that while the takedown of Genesis is a good step, its absence stands to create a vacuum in the black market data landscape. 

“Unfortunately, when one of these sites is removed, it creates a vacuum that could be quickly filled by others,” said Adrianus Warmenhoven, a cybersecurity advisor for NordVPN. He highlighted 2easy as a rival platform for the illegal sale of stolen credentials, which, despite ceasing activity at the start of 2023, may stage a comeback.

“There is a long way to go if the goal is to eradicate the illegal trade in online identities,” he said. 

Advertisement. Scroll to continue reading.

Copyright 2021 Associated Press. All rights reserved.

Source: https://www.nextgov.com/cybersecurity/2023/04/genesis-black-market-dismantled-experts-warn-potential-vacuum/384849/

Click to comment

You May Also Like

Cyber Security

A top Defense Department official described the private sector as “absolutely essential” in implementing the agency’s new cyber strategy. A top Defense Department official...

Cyber Security

How a cornerstone cybersecurity program has evolved from information collection to active defense. The Cybersecurity and Infrastructure Security Agency has used its Continuous Diagnostics...

Cyber Security

Cybercriminals are increasingly leveraging extreme weather events to launch attacks on critical infrastructure sectors. Cybersecurity experts say critical infrastructure operators can leverage a set...

Cyber Security

A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version